CVE-2022-40265

CVSS V2 None CVSS V3 None
Description
Improper Input Validation vulnerability in Mitsubishi Electric Corporation MELSEC iQ-R Series RJ71EN71 Firmware version "65" and prior and Mitsubishi Electric Corporation MELSEC iQ-R Series R04/08/16/32/120ENCPU Network Part Firmware version "65" and prior allows a remote unauthenticated attacker to cause a Denial of Service condition by sending specially crafted packets. A system reset is required for recovery.
Overview
  • CVE ID
  • CVE-2022-40265
  • Assigner
  • Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp
  • Vulnerability Status
  • Analyzed
  • Published Version
  • 2022-11-30T01:15:09
  • Last Modified Date
  • 2022-12-06T19:36:10
CPE Configuration (Product)
CPE Vulnerable Operator Version Start Version End
AND
cpe:2.3:o:mitsubishielectric:rj71en71_firmware:*:*:*:*:*:*:*:* 1 OR 65
cpe:2.3:h:mitsubishielectric:rj71en71:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:mitsubishielectric:r04encpu_firmware:*:*:*:*:*:*:*:* 1 OR 65
cpe:2.3:h:mitsubishielectric:r04encpu:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:mitsubishielectric:r08encpu_firmware:*:*:*:*:*:*:*:* 1 OR 65
cpe:2.3:h:mitsubishielectric:r08encpu:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:mitsubishielectric:r16encpu_firmware:*:*:*:*:*:*:*:* 1 OR 65
cpe:2.3:h:mitsubishielectric:r16encpu:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:mitsubishielectric:r32encpu_firmware:*:*:*:*:*:*:*:* 1 OR 65
cpe:2.3:h:mitsubishielectric:r32encpu:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:mitsubishielectric:r120encpu_firmware:*:*:*:*:*:*:*:* 1 OR 65
cpe:2.3:h:mitsubishielectric:r120encpu:-:*:*:*:*:*:*:* 0 OR
References
History
Created Old Value New Value Data Type Notes
2022-12-07 18:05:37 Added to TrackCVE
2022-12-18 04:33:54 2022-11-30T01:15:09.873 2022-11-30T01:15:09 CVE Published Date updated
2022-12-18 04:33:54 2022-12-06T19:36:10 CVE Modified Date updated